A chilling article that’s must-reading for anyone who travels with a laptop, smartphone, or any other electronic device that stores personal data. Some snippets:

[At San Francisco International Airport] a tech engineer returning from a business trip to London objected when a federal agent asked him to type his password into his laptop computer. “This laptop doesn’t belong to me,” he remembers protesting. “It belongs to my company.” Eventually, he agreed to log on and stood by as the officer copied the Web sites he had visited, said the engineer, a U.S. citizen who spoke on the condition of anonymity for fear of calling attention to himself.
[...]
“I was assured that my laptop would be given back to me in 10 or 15 days,” said Udy, who continues to fly into and out of the United States. She said the federal agent copied her log-on and password, and asked her to show him a recent document and how she gains access to Microsoft Word. She was asked to pull up her e-mail but could not because of lack of Internet access. [...] More than a year later, Udy has received neither her laptop nor an explanation.
[...]
The U.S. government has argued in a pending court case that its authority to protect the country’s border extends to looking at information stored in electronic devices such as a laptop without any suspicion of a crime. In border searches, it regards a laptop the same as a suitcase.

My view: Airport security officers should be there to check the materials you intend to bring into the airport for explosives or weapons. Not for content. Screen the computer to see if it’s loaded with plastic explosives, sure. But don’t read my e-mail. You shouldn’t be editing for content the books I bring onto the plane, you shouldn’t be viewing the phone numbers I dialed, or the web sites I accessed unless you have a warrant and I am a suspect in a crime. And even then, such a search should be conducted by appropriate law enforcement officers, such as the FBI.

But the current administration argues that things like warrants aren’t necessary at the border. Anything goes, regardless of the color of your passport. Here’s hoping the next president has the backbone to reassert some control over this runaway fearmongering security apparatus and reincorporate some basic all-American rights into the legal movement across our borders.

In the meantime, individuals and businesses need to be aware that anything electronic can be confiscated, copied, or destroyed if you’re arriving at an American airport from abroad. That means backing up and/or deleting anything of possible personal or business value. Simply renaming files, as suggested here over a year ago, may not cut it anymore.

Wow, indeed. I found this article very disturbing. I just finished talking to a friend of mine who is a lawyer and he said that technically, you can invoke your 5th amendment right (protection against self-incrimination) if ever asked for a password. In practice, I don’t know how the CBP would react if you did try to invoke this right. It should also be noted that anyone within US soil has the rights of American citizens as well as the right to speak to consular officials from their homeland.

My view: TSA and any other airport security officers should be there to check the materials you intend to bring into the airport for explosives or weapons.

You should read the TSA blog’s response to this item here. I’m not a big fan of some of the stupid things that the TSA does, but this isn’t them. It’s Customs and Border Patrol. Which, since customs is a no-man’s land as far as “civil rights” is concerned, does whatever the hell it wants with you.

(I remember many years ago, when I went to college in Buffalo, getting a lecture at orientation on this very same thing – in particular, when crossing the border, we should be exceedingly polite and deferential, as we had no rights until we were out of the grey zone that is the area between nations. It may have been a bit of hyperbole, but it’s always stuck with me.)

But the critique remains the same: No person at the airport — CBP, in this case — should be demanding to view the contents of my computer or phone, unless there’s an outstanding warrant for my arrest. It’s as close to “thought policing” as you can find.

And that, ladies and gentlemen, is why I support the Electronic Frontier Foundation (http://www.eff.org/), which — if you read the original article linked in Mark’s post — sued the Federal Government yesterday over this issue.

If you are outraged about this, contact your congressional representatives and consider sending a few bucks to the EFF.

More evil and ineptitude from the border scum. Your article on POSTE RESTANTE is all the more crucial now. Be sure to mail your electronics to yourself instead of subjecting them to the airport customs goons.

This has been happend with me recently. The problem is that the officer also asked me to give him a cable to connect an portable HDD. after almost 30 minutes of searching (or pretending to search), he asked me: what drive is the external HDD. When I moved to his desk to help him, I came to know that he pluged the cable in the wrong port. Well, this would be cool if they hire somebody who know even how to check things. All in all, I won’t agree that somebody breach my privacy in that rude way that is why I am not going to bring my laptop with me!

So, set up a virtual OS (think VMWare) and do all your confidential stuff on that. That way, if they want to look at your browser history or other stuff, it’s not immediately available.

If you put the virtual system on an external drive, you have the opportunity to put it in your checked bag or otherwise have it separate from you when you go through customs. That way, there is absolutely no way they can look at it. Or if they do get it, they won’t be able to look at the virtual systems without the correct virtual server.

Additionally, consider using TrueCrypt. Not only will it let you encrypt files and drives but you can create encrypted, hidden areas that simply aren’t visible. Therefore, you can create a bogus encrypted partition with some fake files in it but still hide “the good stuff”. Each encryption password is different so you can give up the “fake” encryption but they will never know the other one is there.

To encrypt stuff and decrypt them again, over and over whenever one wants to go to USA just to avoid that kind of things is impractical. What does the immigration officer needs from my company’s or institute’s privacte information (this can typically be something that the officer does not understand; like research results and documents or so). Other than that, I’ve said that he was interested in seeing my kids’ photos on my external hdd. I believe the best way is to avoid brining laptops on travel.

Once again. There might be a reason why they check the contents of the laptops but this goes tiring for somebody who is just bothered and considered for extra checks just because of his color or nationality. I hope things change to the better but seemingly it goes from bad to worst.

A few options pop into mind, as this is a serious breach of what I feel to be my ‘mind’ or the very least my personal ideas. For others that feel the need to protect their business ideas etc, I have a few suggestions.

For those of you using a laptop running windows, with work and or personal files you wish not to share. I suggest Truecrypt (www.truecrypt.org), a free solution to Full Disk Encryption (FDE). FDE can be setup to use AES encryption, making your laptop extremely safe. I do not however know what legal implications there are to saying “I forget” when asked for a password. (Please donate to this great project if you decide to use it, that is the best way to make sure it continues to exist)

For those of you with smart phones, those running mobile windows, Sprite Software (www.spritesoftware.com [I am not affiliated with them, just use their product]) offers a combo of backup and wipe software. It allows you to backup your phone’s contents to a laptop (including any memory card in the phone), and wipe the phone of all data. The wipe function is designed for loss or theft of the phone, but would make a clean phone to walk though customs with. After customs the phone could be restored using the Sprite backup software.

For those of you carrying a laptop on travel for email etc, or those that do not want to leave traces on a computer there are a plethora of Linux live distributions available that will do what you need. I will recommend one in particular that I use, namely because it has TOR built into the distribution, and wipes all temp files before closing. It is called Incognito and the latest distribution can be found at LiveDistro.org, (http://www.livedistro.org/release-announcements/gnu/linux-releases/incognito-live-cd/usb-i686)

-author not related to any of the products/software listed here, I use them, and thought others might find them useful.

Edit: it appears Customs has the right to ‘confiscate’ your laptop if you fail to provide the password, similar to their ability to confiscate your suitcase if they cannot open it. So I would suggest using Truecrypt to create a Hidden Volume, directions on the Truecrypt home page.

“rights are often waived in the name of security” ??? wow! when did that happen? I always thought they were “inalienable rights”. Since when did our rights become alienable in the name of security? what did that one guy say?? give me liberty or give me… ? have we truly fallen so far?

The Patriot Act allows federal agents to search e-mails and telephone records without a proper search warrant in looking for criminal and terrorist activities. However, the fact that it was passed by the Congress does not mean it is ok, or legitimate, although of course, that is for americans to decide. Many of the people I know have stopped going there because they feel outraged by the way they are treated at the airports.

[...] Related: – Blame Canada? U.S. no-fly lists (and their errors) travel north – No ID at security: Fast-track to a government “list”? Either way, why are we bothering? – Your laptop is a suitcase: How the U.S. government is searching computers, phones, and other electro… [...]

The 5th ammendment would have protected your rights before the patriot act. Anytime they think they need to “protect” the security of the country, regardless of ridiculous methods/reasons, your rights go out the window. You can be held as a member of a terrorist organization and they don’t have to give you your phone call or let you speak to a lawyer. I have a friend that sat in jail for 3 weeks because of that. Lost his job, fell behind in school, couldn’t pay his rent. They said “oops, wrong guy. our apologies” and sent him on his way. No compensation. It’s seriously messed up.

[...] Pushback against Homeland Security searches If you arrive in the United States from overseas, your laptop, cellphone, or other electronic device is treated as if it were a suitcase, subject to s… It’s as if your data is a bag of dirty clothes inside your bag. Why? You’re in the gray [...]